Darkbloom – Private inference on idle Macs

Original Article ↗ Hacker News Discussion ↗

Architecture & Mac-Only Focus

  • Macs chosen as first target due to more uniform hardware/software stack and Apple security features.
  • Some argue PCs/phones would give far larger aggregate capacity, but PC GPU TEEs are less mature and more fragmented.
  • Apple Silicon’s unified memory is used so hypervisor-level page tables can theoretically protect both CPU and GPU memory.

Privacy, TEE Claims & Attestation Doubts

  • Core claim: end-to-end encrypted inference where operators can’t see prompts or outputs.
  • Many question feasibility without a public, third‑party TEE like SGX/TDX/SEV; Apple’s Secure Enclave isn’t exposed that way on macOS.
  • Paper’s approach relies on macOS hardening (SIP, Hardened Runtime, PT_DENY_ATTACH) plus MDM-based attestation.
  • Critics say SIP/Secure Boot can be disabled, binary hashes are self‑reported, and remote attestation of arbitrary third‑party code isn’t truly possible on Macs today.
  • Some call the privacy guarantees “best effort” or “snake oil,” stressing that a determined attacker or patched OS could exfiltrate data.
  • Others argue it’s still at least comparable or better than trusting a centralized provider’s logging practices, but “verifiable privacy” remains unproven.

MDM Requirement & Client Trust

  • Software enrolls the Mac in MDM to hook into Apple’s attestation infrastructure.
  • Concerns: loss of control, resale issues, potential for deep access.
  • A few posters clarify the specific MDM rights here are limited and don’t allow full device takeover, but the requirement is still a major psychological and security barrier.

Economics & Earnings Claims

  • ROI calculator suggests very high payouts (hundreds to >$1k/month), which many see as unrealistic or only true under 100% utilization and optimistic pricing.
  • Comparisons to GPU crypto mining: if profitable, industrial operators with cheaper power and scale will flood supply and drive earnings down.
  • Others note current demand on the network appears very low; multiple users report zero real inference requests despite being online.
  • Some think it might yield “lunch money,” not real income; hardware wear, SSD writes, and power/cooling are nontrivial.
  • Debate over whether decentralized inference can sustainably compete with hyperscalers’ batching efficiency.

Bootstrapping, Use Cases & UX

  • Two‑sided marketplace chicken‑and‑egg: plenty of providers early, almost no consumers; calls for seeding demand or free usage.
  • Interest in variants: internal office pools of Macs, self‑hostable versions, and non‑US regions wanting non‑BigTech providers.
  • Current software quality issues reported: failed model downloads, dependencies missing, broken benchmarks, and unusable calculators.